Networking

The VMware education department is starting a 5 Session NSX webcast for free. Below is information on session one starting on February 01, 2018. However, when you click on the RSVP button you’ll have the option to register for all 5 sessions! I’d recommend registering now and take advantage of this great opportunity.

TIP: After going to the RSVP webpage, pay attention to the session description. Because sessions are in different regions (AMER, APJ, and EMEA). I’d suggest choosing one closest to your region.

Here are the Sessions descriptions for AMER. All locations seem to be have the same description, the only exception would be their timezone.

Did you know it’s possible to extend LANs beyond their previous boundaries and optimize routing in the data center? Or decouple virtual network operations from your physical environment to literally eliminate potential network disruptions for future deployments? Join us to learn how VMware NSX can make these a reality. We’ll also cover the networking components of NSX to help you understand how they provide solutions to three classic pain points in network operations:

Did you know that more than 1.5 billion data records were compromised in the first half of 2017? Experts are expecting these numbers to grow. Are you prepared? Join us to learn how a design based on VMware vSphere and VMware NSX can help you protect the integrity of your information as well as your organization. Among the areas covered will be the VMware ESXi host within vSphere that includes the host firewall and virtual machine encryption, along with the VMware vCenter layer that provides certificate management. We’ll also dive into a number of features within NSX, including the distributed Logical Router and Distributed Firewall that protect traffic within the data center and the Edge Services Gateway that secures north/south traffic through the edge firewall and virtual private network.

The VMware NSX controllers are the central control point for all logical switches within a network and maintain information for all virtual machines, hosts, logical switches, and VXLANs. If you ever wanted to efficiently troubleshoot end-to-end communications in an NSX environment, it is imperative to understand the role of the NSX controllers, what information they maintain, and how the tables are populated. Well look no further. Give us an hour and you will see the various agents that the NSX controllers use for proper functionality. Use the NSX Central CLI to display the contents of the VTEP, MAC, and ARP tables. We will examine scenarios that would cause the contents of these tables to change and confirm the updates. Finally, we will examine, in detail, Controller Disconnected Operation and how this feature can minimize downtime.

The VMware NSX Distributed Firewall (DFW) is the hottest topic within the NSX community. It is the WOW of micro-segmentation. But many questions arise. Who made the rule? Who changed the rule? Is the rule working? Where are these packets being stopped? Why aren’t these packets getting through? What is happening with my implementation of the DFW? These questions can be answered using the native NSX tools. We will give you an overview on how to track, manage, and troubleshoot packets traveling through the DFW using a combination of User Interface (UI) tools, the VMware Command Line Interface (vCLI) to view logs manually, and integrating with VMware vRealize Log Insight (vRLI) and VMware vRealize Network Insight (vRNI).

If you like my ‘no-nonsense’ blog articles that get straight to the point… then post a comment or let me know… Else, I’ll start writing boring blog content.

I’m sure like most of my fellow computer geeks we get asked quite a bit around home wireless networks etc. Well, I’ve been in the market for a new Cable Modem and Router and in the past I’ve never recommended the “all in one” solution (meaning Cable Modem and Router/Firewall in one unit). Mainly this recommendation was based on my field experience back in 2007 and seeing so many of them fail. This week, going against my own advice, I gave the Netgear C3700-100NAS all in one a try for $99. Not a bad deal as it means not as many cables, it has an integrated DOCSIS 3.0 cable modem, and it’s on COX Phoenix AZ supported list. This unit worked well for about 20 mins and as I was reading reviews around its issues, it started having them. Over and Over again it slows down. You’d think by 2016 they’d have the all in one finally figured out, but alas they don’t. My recommendation still stands, avoid the all in one.

What I have been recommending for home users in the Phoenix Area with Cox Cable running their 60-100Mbs Internet are the Arris Motorolla SB6141 Cable Modem and the NETGEAR WNDR4500-100PAS N900 wireless router. I’ve had the combo since 2012 and it’s been very rock solid. If I do have an issue with this combo it is usually outside of their control, meaning the cable company is having an issue.

The Error >> When running an Intel x710 NIC with the ESXi i40e driver you notice your vmkernel.log completely full of the error “WARNING: Link is up but PHY type 0x3 is not recognized”

The Solution >> Ensure X710 firmware is at 17.5.11 (aka 5.04 in ESXi) and ESXi i40e Driver to 1.4.26 or 1.4.28 and these errors stop

The Follow-up >> Check out your NIC on the VMWare HCL for the Correct driver/firmware guidance. This is the link I used.

Other notes…

Sending Millions of the PHY errors to your event logs could be causing other issues for your ESXi host. Look for local boot disk latency or Networking errors in your ESXi host event logs. Once you apply this solution these issues should stop. If not, then you may have other issues impacting your boot disks.

*Updates*

After applying this solution we then noticed the vmkernel started to populate with ‘driver issue detected, PF reset issued’ the solution for this is to disable TSO/LRO. VMWare KB 205140.

04-10-2017 There is a new VMware driver listed for the X710, will be testing soon and will post up results. Release notes indicate fixes for the following:
– Fix duplicate mulicast packet issue
– Fix PSOD caused by small TSO segmentation

If you like my ‘no-nonsense’ blog articles that get straight to the point… then post a comment or let me know… Else, I’ll start writing boring blog content.

Okay, the title was a bit dramatic, but it got your attention. Now keeping with my quest to deliver no-nonsense blog articles here is what the orange line means…

Question 1 – What is the function of the orange line when selecting a vmnic, port group, or vSwitch while viewing them in the Web client network settings?

The orange line is showing you the teaming order for the pNICs or vmnics based on their vSwitch or port group teaming policy. In this screenshot, the policy is Active / Active for both vmnic0 and 1.

The orange line will not move to the other pNIC’s unless they are marked as “active” in the teaming policy. “Active in the teaming policy” vs. “which pNIC is passing traffic” are two different things. The orange line is not a representation of the latter, “pNIC passing traffic”.

Question 2 – How can I tell which pNIC is currently passing traffic?

The Web or Thick client vSwitch display (aka the orange line) doesn’t display the pNIC which is currently passing network traffic. You need to use ESXTOP to determine the active pNIC.

Simply go into ESXTOP, Press N, find your vSwitch and it will lead you to the pNIC currently being used to pass traffic.

Question 3 – I had a pNIC failure why isn’t the Web client moving the orange line to the standby NIC?

Again… the orange line ONLY points to the Active pNIC in the teaming policy. In this screenshot below, the teaming policy is setup for vmnic3 as Active and vmnic2 as stand by.

Even though vmnic3 is down, traffic should be flowing through vmnic2. Use ESXTOP to determine this (See Question 2)

If you like my ‘no-nonsense’ blog articles that get straight to the point… then post a comment or let me know… Else, I’ll start writing boring blog content.

Note – I have ditched my Gigabyte z68xp-UD3 Mobo and bought another MSI 7676 board. I started this VSAN conversion with it and it started to give me fits again similar to the past. There are many web posts with bugs around this board. I am simply done with it and will move to a more reliable Mobo that is working well for me.

Install ESXi on all Hosts

Starting with Host 1

Prior to Install ensure all data has been removed and all disk show up in BIOS in AHCI Mode

Install ESXi to Local Boot HD

After the install I experienced the ESXi hanging at Boot – ‘Starting up Services – Running usbarbitrator start’

Note – for a system on the HCL, chances are the Automatic setting will work without issue. However my system is not on the any VMware HCL and I want to control the drives to add to my Disk Group.

Add Disks to VSAN

Under Virtual SAN click on ‘Disk Management’

Choose the ICON with the Check boxes on it

Finally add the disks you want in your disk group

Allow VSAN to complete its tasks, you can check on its progress by going to ‘Tasks’

Once complete ensure all disks report in as healthy.

Ensure VSAN General tab is coming up correct

3 Hosts

3 of 3 SSD’s

6 of 6 Data disks

Check to see if the data store is online

Summary –

Migrating from FreeNAS to VSAN was relatively a simple process. I simply moved, prepared, and installed and the product came right up. My only issue was working with a faulty Gigabyte Mobo which I resolved by replacing it. I’ll post up more as I continue to work with VSAN. If you are interested in more detail around VSAN I would recommend the following book.

I’ve been lucky enough to make it to every VMworld since 2008 and 2014 will be my 7th. time in a row. In this blog post I wanted to share with you a breakdown of some of the tips and tricks I’ve used to get to these events. Being the former Phoenix VMUG leader I’ve shared these tips with fellow VMUG users and now I’m sharing them with all of you. Users would tell me cost is the number one reason why they don’t go – “My Company sees value in this event but will not pay for it”. This breaks down to Food, Hotel, Travel, and the infamous golden ticket, aka the VMworld pass. So how do users overcome the cost to attend? This is what this blog post is all about…

Working with your employer –

Having your employer pick up the tab not only benefits them as a company but yourself too. As you know VMworld is full of great content and the socialization aspects are second to none. Chances are you’ll be asked to put together a total cost to attend and this cost can be quite high for some companies on a tight budget. My suggestion is if you are getting the big ‘No’ then work with your boss around the total costs. First find out why it’s a ‘No’ and look for opportunities to overcome this. Maybe your company will pay for some of the items. Example – They might be able to cover airfare, but the rest is on you. Don’t forget if your company has a VMware TAM (Technical Account Manager) reach out them. Even if you are not directly working with the TAM they are your best resource not only for VMware Technology but also for getting you to VMworld. They don’t have passes but they usually know the community very well and can assist.

Sometimes I hear “My employer will not allow me to accept gifts”. True your company may have a policy around the type of gifts you can receive and by all means follow this policy. However, keep in mind you may be able to take vacation time and represent yourself at this event not your employer. Then there is a possibility gifts could be accepted but on the premises you don’t represent your company. Some companies are okay with this but just make sure they are. If you are able to do this I would suggest you represent it as ‘personal development’.

How do I get a free VMworld Pass?

This can be your biggest challenge. However here are some ways to get your hands on one.

Give-a-ways

I can’t tell you how many vendors have giveaways contests right now — hit them early and enter as many contests as you can find

Tips-

When you enter, find out who your local vendor contact is and let them know you entered. Then stay in contact with them.

Keep in mind not all contests are the same, some are based on random drawing and others are not. This is why I say keep in contact with the vendor.

How do I find give-a-ways >> Google ‘VMworld getting there for free’

Get the word out

Tell your boss, workmates, vendors, and partners. Post on Twitter, Linked-In, etc. and Repeat again and again. By doing this you let others know about your strong interest in getting there, in turn they might get a lead for you.

Most importantly, reach out to your local VMUG leader and ask them for tips in your area. They are usually well connected and might have a lead for you as well.

Follow Twitter and Linked-In – You never know who is going to post up “I have a pass and need to give it to someone”. Yes that is right, before the event you can transfer a pass to someone.

New to Twitter, need contacts? It’s a pretty simple to get started. Simply find the #VMworld hastag, see who is posting to it and start following them. Then look at all their contacts and follow them too, soon you’ll have a gaggle of folks.

This sound like work. Why do all this? Simple, distributed coverage model. The more people know the more likely they are to help and in turn the more likely you’ll succeed

Don’t forgo an Expo-Only or Solutions Exchange Pass

If you get offered this pass take it. I can’t tell you how many vendors have these passes and have trouble giving them away, seriously this is gold but folks don’t know how to leverage them.

First off this pass has great value, there is a TON of value here.

Second this pass can get you on to the Solutions Exchange floor where all the vendors and partners are.

Once there start talking to all the vendors, fellow attendee, all those folks you meet on Twitter, etc. as you never know who has a full pass they couldn’t get rid of, take it and upgrade yours.

Third, while you are there with an Expo Pass use Twitter and the VMworld hash tags to let folks know you’re here and you are looking for a full pass.

Stop by the VMUG booth on the Expo floor, you never know who will be there and you never know if users there might be able to help you.

Vendors and Partners

Find out who is sponsoring VMworld this year, and then…

Start calling the ones you know well, ask them for support getting there.

Don’t forget to call the ones you don’t know so well too.

If you have an upcoming deal on the table with a vendor, inquire if they will throw in passes, travel, etc.

What about Food, Hotel, and Travel Costs?

Food

There will be free food everywhere, in-fact feel free to give some to the homeless I usually do.

If you get a pass then lunch and usually breakfast are included.

For dinner, find out where the nightly events are as they usually have food.

Talk with Vendors as they might take you out, you never know.

Hotel

Ask a Vendor to pay for just the room or ask them to gift hotel points to you.

Room Share with someone at the event << Think about it, you won’t be in the room that often and chances are from 7AM till 10PM you’ll be out of your room.

Use travel sites to cut down the cost.

Secret Hotels: Best Western Carriage Inn and The Mosser. Good if you’re on a budget but chances are they are full this year (2014).

Use your hotel or other travel points to book the hotel for free.

Get a low cost hotel away from the event, but watch your travel costs.

Travel

Airfare

Ask a vendor to pay for just the airfare, or maybe they have points they can gift you.

Use your own travel points to pay for this.

Rideshare to the event

See if one of your connections are driving to the event, offer to split fuel costs.

You drive someone to the event, and they pick up the hotel or vise versa.

Local Travel

Use the following –

VMworld Shuttle

Bus

Uber

BART

Once again hit up those vendors, they might have a way to get you around for free

Finally here is a breakdown of how I got to so many events and how/who paid for it….

Year

Pass

Travel

Food

Hotel

2008 VMworld

Vendor Sponsor – Full Pass

Employer Paid

Vendor / Event

Employer Paid

2009 VMworld

VMUG Sponsored – Full Pass

Vendor paid for Airfare with Miles

Vendor / Event

Employer Paid

2010 VMworld

VMUG Sponsored – Full Pass

Vendor paid for Airfare with Miles

Vendor / Event

Vendor Sponsored

2011 VMworld

Vendor Sponsor – Expo Pass but I got an upgrade to Full by asking others

I drove two others and I paid for the fuel

Vendor / Event

Travel Companion paid for room

2012 VMworld

Employee Labs

Employer Paid

Employer Paid

Employer Paid

2013 VMworld

Employee TAM

Employer Paid

Employer Paid

Employer Paid

2014 VMworld

Employee TAM

Employer Paid

Employer Paid

Employer Paid

Summing it up…

My take is this, if you REALLY want to go you’ll get there but sometimes it takes effort to do so and if you do it right it might not cost you a thing. Don’t let anything stop you and find your way there.

Finally, after you’ve been to the event don’t forget about the folks who got you there and say ‘Thank you’. Then over the next year continue to build this relationship, as you never know if you’ll need help again, or you want to help someone else get there.

Recently I updated my home lab with a freeNAS server (post here). In this post, I will cover my iSCSI setup with freeNAS and ESXi 5.1.

Keep this in mind when reading – This Post is about my home lab. My Home Lab is not a high-performance production environment, its intent is to allow me to test and validate virtualization software. Some of the choices I have made here you might question, but keep in mind I’ve made these choices because they fit my environment and its intent.

Once you have your connectivity working, it’s time to setup round robin for path management.

Right click on one of the LUNS, choose ‘Manage Paths…’

Change the path selection on both the LUNS to ‘Round Robin’

Tip – After the fact if you make changes to your iSCSI settings, then ensure you check your path selection as it may go back to default

Notes and other Thoughts…

Browser Cache Issues — I had issues with freeNAS updating information on their web interface, even after reboots of the NAS and my PC. I moved to Firefox and all issues went away. I then cleared my cache in IE and these issues were gone.

Jumbo Frames — Can I use Jumbo Frames with the SYBA Dual NICs SY-PEX24028? – Short Answer is NO I was unable to get them to work in ESXi 5.1. SYBA Tech support stated the MAX Jumbo frames for this card is 7168 and it supports Windows OS’s only. I could get ESXi to accept a 4096 frame size but nothing larger. However, when enabled none of the LUNS would connect, once I moved the frame size back to 1500 everything worked perfectly. I beat this up pretty hard, adjusting all types of ESXi, networking, and freeNAS settings but in the end, I decided the 7% boost that Jumbo frames offer wasn’t worth the time or effort.

Summary…

These settings will enable my 2 ESXi Hosts to balance their connections to my iSCSI LUNS hosted by freeNAS server without the use of freeNAS Networking Teaming or aggregation. By far it is the simplest way to setup and the out of the box performance works well.

My advice is — go simple with these settings for your home lab and save your time to beat up more important issues like “how do I shutdown windows 8” J

I hope you found this post useful and if you have further questions or comments feel free to post up or reach out to me.